Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Trojan Alureon.A Detected After Clean Win7 Install

18 May 2013   #31
sharona

Windows 7 Professional SP1 64 bit
 
 

Actually, edee, I did a complete hdd wipe now, so it should be good.

I've gotten wifi on the laptop with the fresh install. Downloaded MSE and MBAM, all clear! I've been following the SF OEM Clean Install tutorial. (Haven't installed any not found drivers yet because I'm also dealing with a laptop that was full of BSOD. So, I'm treading slowly to see if it's a hardware problem. )

Of course, the real challenge might be getting the backed up files back onto the laptop. I'm still having trouble scanning the external HD I mentioned with MBAM. I was able to individually scan some folders without MBAM freezing. However, the bigger ones kept freezing the program mid-scan. Still. (Note, I've gotten no threats from the ones I was able to scan, but like I said yesterday, MBAM was showing at least 13 detected objects before it would freeze and become unresponsive.)

I've got SuperAntiSpyware scanning it now, to see if that can complete a scan.


My System SpecsSystem Spec
.
18 May 2013   #32
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

sharona

See if you could download the Hirens bootcd

Hiren's BootCD 15.2 - All in one Bootable CD » www.hiren.info

Burn the ISO to a disc by right-clicking on the ISO file and choose but image to disc . Boot to the disc and run malwarebytes from there . Update the definitions first .

Note   Note
Its a live CD
My System SpecsSystem Spec
18 May 2013   #33
cottonball

Windows 7 Home Premium
 
 

sharona,

Before you engage in anything else, please do the following:

Go to the TDSSKiller Download
Select the .exe version
Double-click on TDSSKiller.exe to run the program.


When the TDSSKiller console opens, click on: Change Parameters
Under Additional Options, place a check in the box next to: Detect TDLFS File System
Click: OK


Press: Start Scan



•If a suspicious object is detected by this program, the default action is Skip. Leave this action as is, and click on: Continue
•If malicious objects are found, they show in the Scan results.
Ensure Cure (the default action) is selected, then click: Continue > Reboot now, to finish the cleaning process.
(Note: If Cure is not available, select Skip, >>Do not select: Delete<<)


When done, the tool creates a log on the disk with the Windows Operating System, normally C:\


Logs have a name like:
C:\TDSSKiller.X.X.X_1.05.2013_15.31.43_log.txt


Please attach the TDSSKiller log in your reply.
My System SpecsSystem Spec
.

18 May 2013   #34
sharona

Windows 7 Professional SP1 64 bit
 
 

VistaKing, I couldn't find a target link for .iso download at the site. I found this after googling, though. Is it legit?

Cottonball, do you want me to run TDSSKiller on just the other person's laptop or also on mine?
My System SpecsSystem Spec
18 May 2013   #35
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Looks legit . I believe cottonball wants you to run the TSSKiller on the laptop with the issue .
My System SpecsSystem Spec
18 May 2013   #36
sharona

Windows 7 Professional SP1 64 bit
 
 

Okay, thanks. Attached the log:


Attached Files
File Type: txt TDSSKiller.2.8.16.0_18.05.2013_22.26.40_log.txt (122.7 KB, 8 views)
My System SpecsSystem Spec
18 May 2013   #37
VistaKing

Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
 
 

Did you select Detect TDLFS File System ?

If you did . And your laptop freezes when you scan the external drive the issue could be with the drive itself . Did you have that plugged in when you ran TSSKiller ?
My System SpecsSystem Spec
19 May 2013   #38
sharona

Windows 7 Professional SP1 64 bit
 
 

Sorry, it's been a long day, and I think I'm starting to confuse myself. The log I posted was from the laptop I wiped and did a clean install on. Attaching the one for my personal one which does have the HD plugged in. I did check that detect option while the external drive was plugged in. Still, no issues.

ETA: (I don't know if this forum allows double-posting or not, so I'm editing this post to add something.)

Re: MBAM issues: I did run SuperAntiSpyware on the external hard drive, and it found only 1 thing, the Trojan.Agent/Gen, and the file was removed. I wasn't able to run MBAM on the external hard drive from the bootCD, unfortunately. (I didn't see the option to scan the drive with MBAM when right-click, nor did I see the option in MBAM to select the drive.)

I noticed that Windows wants to "Fix File System Errors" on the hard drive, possibly after a force shut down it wasn't disconnected correctly. I haven't done this in forever, so please forgive the possibly silly question. But, if I allow it to automatically fix system errors on the external drive, do I risk it deleting anything/everything? I thought maybe the system errors could be what's freezing MBAM.


Attached Files
File Type: txt TDSSKiller.2.8.16.0_18.05.2013_23.56.07_log.txt (129.5 KB, 4 views)
My System SpecsSystem Spec
19 May 2013   #39
sharona

Windows 7 Professional SP1 64 bit
 
 

Sorry for the double post, I just wanted to upload this MBAM log. I was finally able to get it to work from the bootcd. I've attached it. (I noticed there were a few things found on the "X:\" drive, but the X drive apparently referred to the mini Win XP environment the CD booted into -- or that's how I understood it.) I had the things detected removed.

Also, quick question, hope it's okay to ask. The documents I need to put back on the other person's laptop don't seem to be infected. Would I be able to maybe upload them to a cloud site and then download them to the laptop I need to put them on without transferring a virus/malware -- since I'm not plugging the infected external HD directly to the machine?

Thanks in advance!


Attached Files
File Type: txt mbam-log-2013-05-19 (13-04-46).txt (2.5 KB, 4 views)
My System SpecsSystem Spec
19 May 2013   #40
cottonball

Windows 7 Home Premium
 
 

Our apology, sharona, but, Malwarebytes Anti-Malware needs to be installed and run from the Operating System, and not a Hiren's Boot CD. Running it from this kind of CD is not proper (End-User License Agreement), and is subject to a high rate of false positives.

Please refresh my memory, which laptop is the one with the problem, the one with ComputerName: AMERICANMARBLE, or, ComputerName: NAOKO?
My System SpecsSystem Spec
Reply

 Trojan Alureon.A Detected After Clean Win7 Install




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
SATA internal hard disk not detected after clean installation of Win7
i have a Dell XPS 14, i7 intel core, 8 gb RAM. When i installed windows 7, i deleted the partitions of my internal hard drive 465 gb as it is necessary for a clean install of windows 7. i have installed all the drivers that matches my dell service code and the windows updates. But the internal...
Hardware & Devices
Alureon.E (virus)trojan
Hello everyone, i'm Brato and i need help with this virus - Alureon.E. My laptop (VAIO - W7 Home Premium x64) has been infected with it a couple of months ago, i've searched the internet but didn't find a solution. My MSE antivirus keeps telling me the system is infected with this particullary kind...
System Security
No manufacturer detected after clean install
Hi all, After a clean install of Windows I noticed that when I right click My Computer and select properties, there is no manufacturer information as well as the logo. Under System in this window the first on the list is the system rating. I tried going through the registry and in...
Installation & Setup
boot:\physicaldrive0\partition3 (type 17) Alureon.E (virus)trojan
Good afternoon/evening, Sevenforums professionals:o My name is kyle and I'm looking for help to remove/cure some issues I'm having with my desktop Gateway PC. This is on a Windows 7 home premium 64bit, i3 processor. Here are the problems detected by Microsoft Security Essentials: ...
System Security
Trojan:DOS/Alureon.A
I've had this incredibly annoying infection for the last few weeks. I've done some searching online and don't get many clear answers about this one. It got to the point that i formatted my hdd, which was due anyway, but after a fresh install of Win 7 i still get prompts from MSE. I've gathered...
System Security
Alureon Bootkit Trojan - Crossing the 64 bit Barrier
UAC is there for a reason!
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 19:49.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App